SECURWARE 2022, The Sixteenth International Conference on Emerging Security Information Systems and Technologies, is an event covering related topics on theory and practice on security, cryptography, secure protocols, trust, privacy, confidentiality, vulnerability, intrusion detection and other areas related to low enforcement, security data mining, malware models, etc.

Security, defined for ensuring protected communication among terminals and user applications across public and private networks, is the core for guaranteeing confidentiality, privacy, and data protection. Security affects business and individuals, raises the business risk, and requires a corporate and individual culture. In the open business space offered by Internet, it is a need to improve defences against hackers, disgruntled employees, and commercial rivals. There is a required balance between the effort and resources spent on security versus security achievements. Some vulnerability can be addressed using the rule of 80:20, meaning 80% of the vulnerabilities can be addressed for 20% of the costs. Other technical aspects are related to the communication speed versus complex and time consuming cryptography/security mechanisms and protocols.

Digital Ecosystem is defined as an open decentralized information infrastructure where different networked agents, such as enterprises (especially SMEs), intermediate actors, public bodies and end users, cooperate and compete enabling the creation of new complex structures. In digital ecosystems, the actors, their products and services can be seen as different organisms and species that are able to evolve and adapt dynamically to changing market conditions.

Digital Ecosystems lie at the intersection between different disciplines and fields: industry, business, social sciences, biology, and cutting edge ICT and its application driven research. They are supported by several underlying technologies such as semantic web and ontology-based knowledge sharing, self-organizing intelligent agents, peer-to-peer overlay networks, web services-based information platforms, and recommender systems.

To enable safe digital ecosystem functioning, security and trust mechanisms become essential components across all the technological layers. The aim is to bring together multidisciplinary research that ranges from technical aspects to socio-economic models.

As a multi-track event, SECURWARE 2022 will serve as a forum for researchers from the academia and the industry, professionals, standard developers, policy makers and practitioners to exchange ideas. The topics could be on techniques and applications, best practices, awareness and experiences as well as future trends and needs (both in research and practices) related to all aspects of information security, security systems and technologies.

SECURWARE 2022 has the following tracks:

TRENDS: Security challenges with new technologies
TRUSTED CONTRACTS: Secured digital society
SECSERV: Security-as-a-Service - Security technologies and systems-oriented security and safety
SECSTATUS: Advances and Challenges
SERVICES: Cyber Laboratory Services
SOLUTIONS: Cyber Laboratory Solutions
ARCH: Security frameworks, architectures and protocols
METRICS: Security, trust and privacy measurement
SECMAN: Security management
SECTECH: Security technologies
SYSSEC: System security
INFOSEC: Information security
RISK: Risk and security
MALWA: Malware and Anti-malware
ANTIFO: Anti-forensics
PRODAM: Profiling data mining
SECHOME: Smart home security
SECDYN: Security and privacy in dynamic environments
ECOSEC: Ecosystem security and trust
CRYPTO: Cryptography
CYBER-Threat
DEPEND: Dependability

We solicit both academic, research, and industrial contributions. We welcome technical papers presenting research and practical results, position papers addressing the pros and cons of specific proposals, such as those being discussed in the standard fora or in industry consortia, survey papers addressing the key problems and solutions on any of the above topics short papers on work in progress, and panel proposals.

Industrial presentations are not subject to the format and content constraints of regular submissions. We expect short and long presentations that express industrial position and status.

Tutorials on specific related topics and panels on challenging areas are encouraged.

The topics suggested by the conference can be discussed in term of concepts, state of the art, research, standards, implementations, running experiments, applications, and industrial case studies. Authors are invited to submit complete unpublished papers, which are not under review in any other conference or journal in the following, but not limited to, topic areas.

All topics and submission formats are open to both research and industry contributions.

SECURWARE 2022 conference tracks:

TRENDS: Security challenges with new technologies

Security in SDN, SDX, NFV; Security in 4G/5G networks; Security and Internet of X (everything, things, people, etc.); Security for Virtualization and Cloud; Security and Big Data; Security in sensing and sensor networks; Security and energy-aware networks; Security in content-oriented networking; Security in cellular cognitive networks

TRUSTED CONTRACTS: Secured digital society

Trusted transaction contracts; Blockchain; Bitcoin; Cryptocurrency Fees; Cryptocurrency Governance; Cryptocurrency Lending; Certificate transparency; Revocation transparency; Confidential assets; eVoting technologies and methods; Sealed-bid auctions; Trusted smart contracts; Cryptographic Web applications; Real estate: titles&tokens

SECSERV: Security-as-a-Service - Security technologies and systems-oriented security and safety

Certified services and businesses; Security certifying processes, technologies and standards; Industrial security; Security in information systems; Physical/Virtual/Cloud security; Corporate/Personal security; Security guarantee/assurance/risks; Surveillance systems; Security/Safety digital environments (electromagnetic waves, unsafe facilities, undocumented logistics, etc.); Cyber-security and public services risks (thefts, health, alarms, vehicular, surveillance, people with special needs, credit carts, use of arms, drone-based delivery, etc.); Security in supply-based systems; Security in mobile applications, Web-based, Cloud-based services, and Internet of Things (IoT)-based systems; Designing secure and green-oriented industrial systems; Security in production systems; Secure production lines and secure human-oriented products and services

SECSTATUS: Advances and Challenges

Cryptography; Encryption schemes; Cryptanalysis; Thrifty zero-knowledge approaches; Chaos-information hiding; Advances in biometric authentication; Passive forensics; Access, computation and communication security mechanisms; Secure error-tolerant protocols; Side-channel attacks; Malware and attacks prevention; Anti-analysis signals; Security-awareness; Culture-oriented prevention; Security for smart devices; Security for mobile applications; Anonymity and pseudo-anonymity; Mitigating threats; Privilege control and isolation; Cyber-attacks and human factors; IoT and big data security issues; Privacy and protection in eTechnologies; Secure virtualized environments; Security during system migration or updates; Security integration pitfalls; Data leakage, vulnerabilities, failures and lessons learned; Security standards

SERVICES: Cyber Laboratory Services

Cyber intelligence systems; Global defense; Security-awareness; Data sanitization and end-of-lifecycle solutions; Compliance solutions with PCI DSS standard from PCI DSS certified datacenters; Mobile Device Management (MDM) and Mobile Application Management (MAM); Identity and Access Management (IAM); Risk and security management; IT-Governance, Risks and compliance; Public safety and professional communications and solutions for situational awareness, command and control; Data security services

SOLUTIONS: Cyber Laboratory Solutions

Cyber intelligence technologies; Global threat correlation and reputation services; credentials, expiration time for client installations, feature restrictions, Web-console audit logging, etc.; Advanced testing software, for known and unknown flaws in software; identifying the weaknesses and vulnerabilities; E-mail communication confidentiality protection; Protect of enterprises and government agencies for their confidential data against leaks; Internet security and content cloud services; Risk and security management; IT-Governance, Risks and compliance; SCADA-based information security systems; Guideline on advising, building, developing and inspecting/auditing; information security practices and systems

ARCH: Security frameworks, architectures and protocols

Formal aspects of security; Security analysis methodologies; Security verification; Security protocols; Security architectures and formalisms; Security and design vulnerability; Security and privacy protection; Performance and security; Secure group communication/multicast; Software design security; Middleware security; Security for nomadic code; Intrusion detection systems; Static analysis for software security; Security modeling

METRICS: Security, trust and privacy measurement

Security, trust and privacy metrics; Security assurance metrics; Security measurement architectures; Metrics for adaptive security systems; Taxonomical and ontological support of security metrics; Experiments and benchmarks for security measurements; Embedding security measurability in software and service architectures; Risk-driven assessment of security; Assessment of effectiveness, efficiency and correctness of security; Mapping security metrics and security assurance metrics; Mapping security measurements and non-functional requirements

SECMAN: Security management

Identity management; Security law enforcement; PKI; PKI Key management; Incident response planning; Intrusion detection and event correlation; Firewalls; Trust management; Software security assurance

SECTECH: Security technologies

Secure protocols; Applied cryptography; Smart cards; Biometrics; Digital rights management; Electronic surveillance; Database security

SYSSEC: System security

Internet security; Security in wireless; Sensor/cellular network security; Ad hoc network security; Security in peer-to-peer networks; Security in wireless multimedia systems; Security in different networks (mesh, personal, local, metropolitan, GSM, Bluetooth, WiMax, IEEE 802.x, etc.); Security of emergency services

INFOSEC: Information security

Information hiding; Anonymity; Authentication; Data Integrity; Security data mining; Data confidentiality and integrity; Information flow protection; Trustworthy networks: authentication, privacy and security models; Secure service discovery; Secure location-based service; Information survivability

RISK: Risk and security

Operational risk (opRisk); OpRisk and field studies; Reputation risk; Risk and security-awareness; Business continuity and disaster recovery; Privacy-awareness; Security and trust

MALWA: Malware and Anti-malware

Threat taxonomies and modeling; Security threats; Threats propagation; Anti-malware technologies; Engineering anti-malware; Anti-virus, anti-spyware, anti-phishing; Malware propagation models; Profiling security information; Vulnerability analysis and countermeasures; Denial of service attacks; Measurements and metrics; Testing samples and techniques; Quarantine/reuse decisions; Anti-malware tool performance; Anti-malware tool suites; Open-source anti-malware; Host-based anti-malware; On-line anti-malware scanning

MISUSE: Electronic abuse protection

Messaging, viruses, spyware; Advanced misuse detection techniques /machine learning, natural language processing, challenge-response, etc./; Message filtering, blocking, authentication; Digital signatures; Generalized spamming /over email, Internet telephony, instant messaging, mobile phone, phishing, etc. /; Spam compression and recognition; Learning misuse patterns; Payment schemes; Economics of generalized spam; Tracking abuse tactics and patterns; Protecting legitimate use patterns; Methods for testing protection robustness; Costs and benefits of messaging use and misuse; Standards for messaging and misuse reporting; Legal aspects /identity theft, privacy, freedom of speech, etc./

ANTIFO: Anti-forensics

Advanced anti-forensics mechanisms; Smart anti-forensics; e-discovery industry and anti-forensics; Overwriting data and metadata; Data hiding approaches; Detecting forensics analysis; Anti-forensics tools; Unix-, Windows-, and Linux anti-forensics techniques; Open source anti-forensics tools; Network anti-forensics tools

PRODAM: Profiling data mining

User and traffic profiling; Data mining and visualization; Profile mining and knowledge discovery; Mining lifecycle for profile collections; Profile warehouse construction; Profile portfolio and profile discovery; Profiling game users and game traffic; Profiling transactions; Simpson'd paradox; Real-time profiling mechanisms; Patterns for information profiling; Profiling engines; Profiling metrics; Forensics; Profiling applications (banks, on-line shopping, etc.); Data mining-based user profile prediction

SECHOME: Smart home security

Fundamentals for SHS; Privacy and protection for SHS; Identify and location management in SHS; Authentication and authorization in SHS; Access control and security policies in SHS; Trust and reputation management; Security context-based interfaces for SHS; SHS for accessibility and elderly/disabled people; Real-time challenges for SHS in eHealth environments; Architectures and systems for SHS; Network technologies and protocols for SHS; Ubiquitous/pervasive platform and middleware for SHS; Services and applications for SHS; SHS on campuses and hotels; SHS for mission critical laboratories; Content protection and digital rights management for SHS; Intelligent devices, sensor network/RFID for SHS; Intrusion detection and computer forensics for SHS; SHS and Homeland security; Personal data privacy and protection in SHS; Emerging standards and technologies for SHS; Commercial and industrial for SHS; Case studies, prototypes and experience

SECDYN: Security and privacy in dynamic environments

Fundamentals on highly dynamic environments; Privacy and predefined access control dilemma; Privacy police, provisions and obligations; Dependability in dynamic environments; Protection of digital documents in dynamic environments; On-line activities in high dynamic systems; Law enforcement in high dynamic systems; Personalization; Privacy and transparency; Distributed usage control; Privacy compliance; Secure ambient intelligence; Secure embedded microprocessor architectures; Secure compilation techniques

ECOSEC: Ecosystem security and trust

Secure and trusted service compositions in peer-to-peer networks; Secure data management in collaborative peer-to-peer networks; Security and reputation models for self-adaptive overlay networks; Identity and trust management in dynamic, self-organizing environments; Social institutional-based trust models for self-evolving communities

CRYPTO: Cryptography

Foundations of cryptography; Applied cryptography; Cryptanalysis; Signatures schemes and trust models; Cryptographic algorithms; Electronic payment systems; High-performance encryption methods; Group-oriented cryptography; Identity-based cryptography; Anonymous authentication; Cryptography for multi-user environments; Cryptography and secure localization systems; Attacks on cryptosystems

CYBER-Threat

e-Crime; Epidemiological models for warware and cyber-crime propagation; Record and retrieval of cyber-crimes; Cyber-crime prevention; Cyber-crime vulnerabilities; Cyber-counterattack at source; Distributed cyber-attacks; Orchestrated cyber-attacks; Recursion attacks; Cyber-storm attacks; Cyber-pranks, hoaxes; Phishing/Pharming and anti-phishing; Cyber-terrorism; Online cyber-crime reporting; Accuracy and security of cyber-reports; Fighting cyber-crimes; Cyber-crime laws

DEPEND: Dependability

Dependability and new technologies; Dependability facets; Adaptability and (self)adaptability; Adaptability and dependability; Big Data and dependability; Dependability and security; Trust and system dependability; Dependability, adaptability, and new technologies